package com.rpframework.website.device.act.api;

import javax.annotation.Resource;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.springframework.stereotype.Controller;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.rpframework.core.BaseAct;
import com.rpframework.core.utils.DictionarySettingUtils;
import com.rpframework.core.utils.MessageFormatter;
import com.rpframework.core.utils.SpringUtils;
import com.rpframework.module.common.service.SMSService;
import com.rpframework.utils.AlgorithmEnum;
import com.rpframework.utils.AlgorithmUtils;
import com.rpframework.utils.GenerateUtils;
import com.rpframework.utils.NumberUtils;
import com.rpframework.website.device.domain.User;
import com.rpframework.website.device.exception.APICodeException;
import com.rpframework.website.device.service.UserService;
import com.rpframework.website.device.util.HConfig;
import com.rpframework.website.device.util.HConstants;


@Controller
@RequestMapping("/api")
public class ApiAct extends BaseAct {
	@Resource UserService userService;
	@Resource SMSService smsService;
	
	//登录 
	@RequestMapping("/login")
	public @ResponseBody String login(@RequestParam(required=false) String tel, 
			@RequestParam(required=false) String password, 
			HttpSession session, 
			HttpServletRequest request, HttpServletResponse response,
			@RequestParam(value = "callback",required = false ) String callback){
		if(StringUtils.isBlank(tel) || StringUtils.isBlank(password)) {
			throw new APICodeException(-5, "非法参数!");
		}
		
		User user = userService.findUserByContact(tel);
		if(user == null) {
			throw new APICodeException(-2, "用户名不存在!");
		}
		
		password = AlgorithmUtils.encodePassword(password, AlgorithmEnum.MD5) ;
		if (!StringUtils.equals(password, user.getPassword())) {
			throw new APICodeException(-3, "密码错误!");
		}
		
		if (user.getState() != 1) {
			throw new APICodeException(-4, "您的帐户不是启用状态！");
		}
		
		userService.doLoginRecord(user, request);
		
		session.setAttribute(SESSION_USER_KEY, user);
		//用户Id + 加密tokenKey + 加密时间 加密成一条密钥存在cookie里，在 EDongWangApi 连接器里坐未登录的情况下是否自动登陆
		HConfig examConfig = SpringUtils.getBean(HConfig.class);
		JsonObject tokenJson = new JsonObject();
		tokenJson.addProperty("id", user.getId());
		tokenJson.addProperty("ct", System.currentTimeMillis()/1000);
		tokenJson.addProperty("tk", examConfig.tokenkey);
		
		String loginEncrypt = AlgorithmUtils.enBase64(tokenJson.toString());
		Cookie cookie = new Cookie(HConstants.COOKIE_LOGIN_ENCRYPT_KEY, loginEncrypt);
		response.addCookie(cookie);
		
		JsonObject json = new JsonObject();
		json.addProperty("succ", true);
		json.addProperty("userId", user.getId());
		if(StringUtils.isNotBlank(callback))return (callback + "(" + json + ")");
		return ""+json ;
	}
	//忘记密码
	@RequestMapping("/sendsms_for_forget_password")
	public @ResponseBody JsonElement sendSMSForForgetPassowrd(@RequestParam(required=false) String contact, HttpSession session, HttpServletRequest request) {
		if(StringUtils.isBlank(contact)) {
			throw new IllegalArgumentException("非法参数!");
		}
		
		String verifyCode = String.valueOf(NumberUtils.random(6));
		String sendContent = DictionarySettingUtils.getParameterValue("sendsms.forget_passowrd");
		if(StringUtils.isBlank(sendContent)) {
			sendContent =  "本次重置密码验证码:{}，请牢记";
		}
		sendContent = MessageFormatter.format(sendContent, verifyCode);
		
		boolean flag = smsService.sendSMS(HConstants.ChannelType.SEND_SMS_FORGET_PASSWORD_CHANNEL_TYPE, contact, verifyCode, sendContent);
		if(!flag) {
			throw new IllegalArgumentException("短信发送失败!");
		}
		JsonObject json = new JsonObject();
		json.addProperty("succ", true);
		return json;
	}
	
	//重置密码
	@RequestMapping("/reset_password")
	public @ResponseBody JsonElement resetPassword(HttpSession session, HttpServletRequest request) {
		String contact = request.getParameter("contact");
		String password = request.getParameter("password");
		String verifyCode = request.getParameter("verifyCode");
		
		if(StringUtils.isBlank(contact) || StringUtils.isBlank(password) || StringUtils.isBlank(verifyCode)) {
			throw new IllegalArgumentException("非法参数!");
		}
		
		if(!smsService.checkVerifyCode(HConstants.ChannelType.SEND_SMS_FORGET_PASSWORD_CHANNEL_TYPE, contact, verifyCode)) {
			throw new IllegalArgumentException("验证码不正确!");
		}
		
		User user = userService.findUserByContact(contact);
		Assert.notNull(user, "找不到用户!");
		String newPasswordMD5 = AlgorithmUtils.encodePassword(password, AlgorithmEnum.MD5);
		if(StringUtils.equals(user.getPassword(), password)) {
			throw new IllegalArgumentException("密码一致!");
		}
		user.setPassword(newPasswordMD5);
		userService.update(user);
		smsService.setVerifyCodeVaild(HConstants.ChannelType.SEND_SMS_FORGET_PASSWORD_CHANNEL_TYPE, contact);
		
		JsonObject json = new JsonObject();
		json.addProperty("succ", true);
		return json;
	}
	
	//给指定手机号 发送验证码 contact(手机号)
	@RequestMapping("/sendsms_for_regist")
	public @ResponseBody JsonElement sendSMSForRegist(@RequestParam(required=false) String contact, HttpSession session, HttpServletRequest request) {
		if(StringUtils.isEmpty(contact)) {
			throw new APICodeException(-1, "非法参数!");
		}
		
		String verifyCode = String.valueOf(NumberUtils.random(6));
		String sendContent = DictionarySettingUtils.getParameterValue("sendsms.regist");
		if(StringUtils.isBlank(sendContent)) {
			sendContent =  "本次注册验证码:{}，请牢记";
		}
		sendContent = MessageFormatter.format(sendContent, verifyCode);
		
		boolean flag = smsService.sendSMS(HConstants.ChannelType.SEND_SMS_REGIST_CHANNEL_TYPE, contact, verifyCode, sendContent);
		if(!flag) {
			throw new APICodeException(-2, "短信发送失败!");
		}
		JsonObject json = new JsonObject();
		json.addProperty("succ", true);
		return json;
	}
	//注册
	@RequestMapping(value="/regist")
	public @ResponseBody JsonElement regist(HttpSession session, HttpServletRequest request) {
		String tel = request.getParameter("tel");
		String password = request.getParameter("password");
		String nickName = request.getParameter("nickName");
		String verifyCode = request.getParameter("verifyCode");
		
		if(StringUtils.isBlank(tel)
				||StringUtils.isBlank(password)
				||StringUtils.isBlank(verifyCode)) {
			throw new APICodeException(-1, "非法参数!");
		}
		if(!smsService.checkVerifyCode(HConstants.ChannelType.SEND_SMS_REGIST_CHANNEL_TYPE, tel, verifyCode)) {
			throw new APICodeException(-4, "验证码不正确!");
		}
		
		User user = userService.findUserByContact(tel);
		if(user != null) {
			throw new APICodeException(-2, "存在的手机号!");
		}
		String passwordhx = password;
		password = AlgorithmUtils.encodePassword(password, AlgorithmEnum.MD5);
		
		user = new User();
		user.setTel(tel);
		user.setUserName(tel);
		user.setNickName(nickName);
		user.setHeadImg("/device/user/topxiao.gif");//默认头像
		user.setPassword(password);
		user.setRealName("");
		user.setDbNo(GenerateUtils.generateCharAndNumr(7));
		user.setState(2);//默认禁用 等地址添加成功后再更改
		user.setSex(2);//默认女
		user.setCreateTime(System.currentTimeMillis() / 1000);
		boolean flag = userService.insert(user);
		//		if(flag){
		//			//注册后自动注册环信
		//			boolean f = ChatUtils.registeasemob(tel,passwordhx);	
		//		}
		//if(falg){
		//	falg = userMoneyService.doAdd(user.getId());
		//}
		smsService.setVerifyCodeVaild(HConstants.ChannelType.SEND_SMS_REGIST_CHANNEL_TYPE, tel);
		session.removeAttribute(SESSION_USER_KEY);
		JsonObject json = new JsonObject();
		json.addProperty("succ", true);
		return json;
	}
	
	//退出
	@RequestMapping("/logout")
	public @ResponseBody String logout(HttpSession session,
			@RequestParam(value = "callback",required = false ) String callback,
			HttpServletRequest request){
		session.removeAttribute(SESSION_USER_KEY);
		Cookie[] cookies = request.getCookies();//clear all cookie
		for (Cookie cookie : cookies) {
			cookie.setMaxAge(0);
		}
		JsonObject json = new JsonObject();
		json.addProperty("succ", true);
		if(StringUtils.isNotBlank(callback))return (callback + "(" + json + ")");
		return ""+json ;
	}
}
